Skip to content

Commit

Permalink
squashme: minor fix
Browse files Browse the repository at this point in the history
  • Loading branch information
@olevski
olevski committed Jan 19, 2024
1 parent fd03189 commit cbc89af
Show file tree
Hide file tree
Showing 4 changed files with 31 additions and 39 deletions.
8 changes: 4 additions & 4 deletions helm-chart/renku/templates/gateway/_helpers.tpl
View file
Original file line number Diff line number Diff line change
@@ -1,21 +1,21 @@
{{/*
Template core service paths as a comma separated list
*/}}
{{- define "gateway.core.paths" -}}
{{- define "gateway.core.pathsYaml" -}}
{{- $paths := list -}}
{{- range $i, $k := (keys .Values.global.core.versions | sortAlpha) -}}
{{- $paths = mustAppend $paths (printf "/api/renku/%s" (get $.Values.global.core.versions $k).prefix) -}}
{{- if eq $k "latest" -}}
{{- $paths = mustAppend $paths "/api/renku" -}}
{{- end -}}
{{- end -}}
{{- join "," $paths | quote -}}
{{- $paths | toYaml -}}
{{- end -}}

{{/*
Template core service names as a comma separated list
*/}}
{{- define "gateway.core.serviceNames" -}}
{{- define "gateway.core.serviceNamesYaml" -}}
{{- $serviceNames := list -}}
{{- $coreBaseName := printf "%s-core" .Release.Name -}}
{{- range $i, $k := (keys .Values.global.core.versions | sortAlpha) -}}
Expand All @@ -25,7 +25,7 @@ Template core service names as a comma separated list
{{- $serviceNames = mustAppend $serviceNames $serviceName -}}
{{- end -}}
{{- end -}}
{{- join "," $serviceNames | quote -}}
{{- $serviceNames | toYaml -}}
{{- end -}}

{{/*
Expand Down
6 changes: 4 additions & 2 deletions helm-chart/renku/templates/gateway/config.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -29,8 +29,10 @@ data:
kg: {{ printf "http://%s-knowledge-graph" .Release.Name | quote }}
webhoook: {{ printf "http://%s-webhook-service" .Release.Name | quote }}
core:
serviceNames: {{ template "gateway.core.serviceNames" . }}
servicePaths: {{ template "gateway.core.paths" . }}
serviceNames:
{{- include "gateway.core.serviceNamesYaml" . | nindent 12 }}
servicePaths:
{{- include "gateway.core.pathsYaml" . | nindent 12 }}
sticky: true
dataService: {{ printf "http://%s-data-service" .Release.Name | quote }}
keycloak: {{ include "renku.keycloakUrl" . | quote }}
Expand Down
22 changes: 17 additions & 5 deletions helm-chart/renku/templates/gateway/deployment-revproxy.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -48,12 +48,27 @@ spec:
secretKeyRef:
name: {{ .Values.global.redis.existingSecret }}
key: {{ .Values.global.redis.existingSecretPasswordKey }}
- name: LOGIN_PROVIDERS_RENKU_CLIENTSECRET
valueFrom:
secretKeyRef:
name: {{ cat (include "renku.fullname" .) "-gateway" | nospace }}
key: oidcClientSecret
- name: LOGIN_PROVIDERS_GITLAB_CLIENTSECRET
valueFrom:
secretKeyRef:
name: {{ cat (include "renku.fullname" .) "-gateway" | nospace }}
key: gitlabClientSecret
- name: LOGIN_PROVIDERS_RENKU-CLI_CLIENTSECRET
valueFrom:
secretKeyRef:
name: {{ cat (include "renku.fullname" .) "-gateway" | nospace }}
key: cliClientSecret
- name: MONITORING_SENTRY_DSN
value: {{ .Values.gateway.sentry.dsn }}
volumeMounts:
{{- include "certificates.volumeMounts.system" . | nindent 12 }}
- mountPath: "/etc/gateway"
name: public-config
- mountPath: "/etc/gateway"
name: secret-config
livenessProbe:
httpGet:
path: /health
Expand Down Expand Up @@ -87,7 +102,4 @@ spec:
- name: public-config
configMap:
name: {{ template "gateway.name" . }}
- name: secret-config
secret:
secretName: {{ printf "%s-gateway" (include "renku.fullname" .) }}

34 changes: 6 additions & 28 deletions helm-chart/renku/templates/gateway/secret.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -70,19 +70,19 @@
{{- $tokenEncryptionSecretKey := randAlphaNum 32 | b64enc | quote }}
{{- $secret := (lookup "v1" "Secret" .Release.Namespace $secretName) }}
{{- if $secret }}
{{- $tokenEncryptionSecretKey = index $secret.data "login.tokenEncryption.secretKey" }}
{{- $tokenEncryptionSecretKey = index $secret.data "tokenEncryption" }}
{{- end -}}

{{- $csrfCookieEncodingKey := randAlphaNum 32 | b64enc | quote }}
{{- $secret := (lookup "v1" "Secret" .Release.Namespace $secretName) }}
{{- if $secret }}
{{- $csrfCookieEncodingKey = index $secret.data "login.providers.renku.cookieEncodingKey" }}
{{- $csrfCookieEncodingKey = index $secret.data "cookieEncodingKey" }}
{{- end -}}

{{- $csrfCookieHashKey := randAlphaNum 32 | b64enc | quote }}
{{- $secret := (lookup "v1" "Secret" .Release.Namespace $secretName) }}
{{- if $secret }}
{{- $csrfCookieHashKey = index $secret.data "login.providers.renku.cookieHashKey" }}
{{- $csrfCookieHashKey = index $secret.data "cookieHashKey" }}
{{- end -}}

apiVersion: v1
Expand Down Expand Up @@ -116,29 +116,7 @@ data:
# A secret for the Gitlab client in Keycloak if an internal Gitlab is used
gitlabClientInKeycloakSecret: {{ $gitlabClientInKeycloakSecret }}
{{- end }}

#### New stuff for the gateway refactoring
secret_config.yaml: |
login:
tokenEncryption:
secretKey: {{ $tokenEncryptionSecretKey }}
providers:
renku:
# A secret for the "renku" OIDC client in Keycloak
clientSecret: {{ $oidcClientSecret }}
cookieEncodingKey: {{ $csrfCookieEncodingKey }}
cookieHashKey: {{ $csrfCookieHashKey }}
renku-cli:
# A secret for the Renku CLI client in Keycloak
clientSecret: {{ $cliClientSecret }}
cookieEncodingKey: {{ $csrfCookieEncodingKey }}
cookieHashKey: {{ $csrfCookieHashKey }}
gitlab:
# The OIDC client must be created manually in Gitlab prior to installing Renku
clientSecret: {{ $gitlabClientSecret }}
cookieEncodingKey: {{ $csrfCookieEncodingKey }}
cookieHashKey: {{ $csrfCookieHashKey }}
monitoring:
sentry:
dsn: {{ .Values.gateway.sentry.dsn }}
cookieEncodingKey: {{ $csrfCookieEncodingKey }}
cookieHashKey: {{ $csrfCookieHashKey }}
tokenEncryption: {{ $tokenEncryptionSecretKey }}

0 comments on commit cbc89af

Please sign in to comment.